Method of verifying integrity of electronic device, storage medium, and electronic device

1. A method of verifying integrity of an electronic device, the method comprising: instantiating a normal world virtual processor and a secure world virtual processor for the electronic device; executing an integrity verification agent within a domain of the secure world virtual processor; intercepting, by the secure world virtual processor, an operation attempted by the normal world virtual processor in which the operation is associated with a kernel module; and verifying, by the integrity verification agent, the intercepted operation, wherein the verifying of the intercepted operation includes: obtaining a verification table for the kernel module: calculating a hash value of the kernel module; and comparing the calculated hash value of the kernel module with a corresponding hash value stored in the verification table; and loading the kernel module when the calculated hash value of the kernel module is identical to the corresponding hash value stored in the verification table.

2. The method of claim 1 , wherein the intercepted operation associated with the kernel module comprises an instruction to disable, modify, or mitigate the integrity verification agent.

3. The method of claim 1 , wherein the secure world virtual processor is separated and protected from the normal world virtual processor.

4. The method of claim 1 , wherein data and code of the secure world virtual processor is inaccessible by the normal world virtual processor.

5. The method of claim 1 , wherein data and a code of the normal world virtual processor is accessible by the secure world virtual processor.

6. The method of claim 1 , wherein instantiating of the normal world virtual processor comprises: generating a virtual memory map of the normal world virtual processor; and defining memory access protection of privileged code pages within the virtual memory map as non-writeable.

7. The method of claim 6 , wherein the privileged code pages comprise an interrupt that processes a vector or exceptions that process the vector.

8. The method of claim 6 , wherein the virtual memory map of the normal world virtual processor defines memory access such that an unprivileged code page is prevented from executing a security critical operation or a privileged instruction.

9. The method of claim 1 , wherein intercepting the operation comprises switching an execution context from the normal world virtual processor to the secure world virtual processor, such that the operation is executed with the integrity verification agent in lieu of a normal world operating system.

10. The method of claim 1 , wherein intercepting the operation comprises: modifying a normal world operating system of the normal world virtual processor; and intercepting attempts to write information into privileged code pages.

11. The method of claim 10 , wherein modifying the normal world operating system of the normal world virtual processor comprises at least one of: modifying source code of the normal world operating system; modifying an executable binary of the normal world operating system; and converting a binary of the normal world operating system.

12. The method of claim 1 , further comprising: performing a static integrity check of a normal world operating system of the normal world virtual processor.

13. The method of claim 1 , further comprising: performing a mitigation action.

14. The method of claim 13 , wherein the mitigation action comprises at least one of: rejecting execution of the intercepted operation; issuing a security alert; and shutting down the electronic device.

15. The method of claim 13 , wherein the integrity verification agent intercepts the operation associated with the kernel module, when the integrity verification agent detects that the operation violates a security policy.

16. An electronic device for performing integrity verification, comprising: a normal world virtual processor to execute a normal world operating system; a secure world virtual processor to: execute an integrity verification agent; intercept an operation attempted by the normal world virtual processor in which the operation is associated with a kernel module; and verify, using the integrity verification agent, the intercepted operation, wherein the secure world virtual processor is configured to: obtain a verification table for the kernel module; calculate a hash value of the kernel module; and compare the calculated hash value of the kernel module wilt a corresponding hash value stored in the verification tablet; load the kernel module when the calculated hash value of the kernel module is identical to the corresponding hash value stored in the verification table.

17. A non-transitory computer-readable medium which upon execution instructs at least one processor to: instantiate a normal world virtual processor and a secure world virtual processor for an electronic device; execute an integrity verification agent within a domain of the secure world virtual processor; intercept, by the secure world virtual processor, an operation attempted by the normal world virtual processor in which the operation is associated with a kernel module; and verity, by the integrity verification agent, the intercepted operation, wherein the at least one processor is configured to: obtain a verification table for the kernel module; calculate a hash value of the kernel module; and compare the calculated hash value of the kernel module with a corresponding hash value stored in the verification table, and load the kernel module when the calculated hash value of the kernel module is identical to the corresponding hash value stored in the verification table.